letsencrypt-cert-exists

Example:

# Install a letsencrypt certificate.
- letsencrypt-cert-exists:
    letsencrypt_cert_domains:
    - dev.frkl.io
    letsencrypt_email: hello@frkl.io

Description

Request and setup a lets-encrypt certificate for a hostname.

This also creates a cron-job that monitors the certificate for expiration, and re-news it if necessary.

If webserver_service_name is provided, that service is stopped before cert request, and restarted after.

Resources

Variables

Name Type Default Description

domain_names

list --

The hostname(s). Required

document_root

string /var/www

The webroot path for the webserver (check underlying role for details).

email

string --

The email address to use with the letsencrypt service.

letsencrypt_staging

boolean False

This is useful for development, as the production server only allows for a certain number of certificate requests per day/week.

renewal_command

string --

The command to use for renewal in the cron job (check underlying role for details).

webserver_service_name

string --

The webserver service name, to be able to stop the service before cert request.

Examples

Example 1

Install a letsencrypt certificate.

Code
- letsencrypt-cert-exists:
    letsencrypt_cert_domains:
    - dev.frkl.io
    letsencrypt_email: hello@frkl.io

Command-line

frecklecute letsencrypt-cert-exists --help

Usage: frecklecute letsencrypt-cert-exists [OPTIONS]

  Request and setup a lets-encrypt certificate for a hostname.

  This also creates a cron-job that monitors the certificate for expiration,
  and re-news it if necessary.

  If ``webserver_service_name`` is provided, that service is stopped before
  cert request, and restarted after.

Options:
  --domain HOST_NAME              The hostname(s).  [required]
  --document-root DOCUMENT_ROOT   The webroot path for the webserver (check
                                  underlying role for details).
  --email EMAIL                   The email address to use with the
                                  letsencrypt service.
  --letsencrypt-staging / --no-letsencrypt-staging
                                  Whether to use the letsencrypt staging
                                  server instead of production.
  --renewal-command RENEWAL_COMMAND
                                  The command to use for renewal in the cron
                                  job (check underlying role for details).
  --webserver-service-name WEBSERVER_SERVICE_NAME
                                  The webserver service name, to be able to
                                  stop the service before cert request.
  --help                          Show this message and exit.